Samoistne otwieranie stron z reklamami

[olenia82dko]

Witam serdecznie, jakieś 2 lub 3 dni temu podczas serfowania po internecie zauważyłam, że w przeglądarce otwierają się co chwilę nowe
okna z reklamami. Ściągnęłam program OTL i zeskanowałam tak jak to opisane zostało w którymś z postów. Poniżej przesyłam linki
Extras Txt. http://www.wklej.eu/index.php?id=fb260a678a
OTL Txt. http://www.wklej.eu/index.php?id=334cb058cf

Proszę o pomoc i dziękuję za szybką odpowiedź.

[mateo8898]

Brak logu z Gmer http://forum.instalki.pl/otl-gmer-silent-runners-sdfix-i-inne-poradnik-t13967.html#p88736, uzupełnij.

Odinstaluj tuto4pc_pl_17

Następnie:

Uruchom OTL w oknie Własne opcje skanowania/skrypt wklej:

:OTL
MOD - [2013-08-26 16:48:54 | 003,154,416 | ---- | M] () -- C:\Users\Olusia\AppData\Local\tuto4pc_pl_17\upt4pc_pl_17.exe
MOD - [2013-08-26 16:48:48 | 003,965,936 | ---- | M] () -- C:\Program Files (x86)\tuto4pc_pl_17\tuto4pc_pl_17.exe
IE - HKU\S-1-5-21-2138419130-3933168715-3646154388-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=111789&tt=3312_1&babsrc=HP_ss&mntrId=66a4593c000000000000000000000000
[2013-10-11 12:36:19 | 000,001,302 | ---- | M] () -- C:\Users\Olusia\AppData\Roaming\mozilla\firefox\profiles\6e3seolf.default\searchplugins\searchgol.xml
O3 - HKLM\..\Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [tuto4pc_pl_17] C:\Program Files (x86)\tuto4pc_pl_17\tuto4pc_pl_17.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Autorun.cmd ()
O4 - HKLM..\RunOnce: [upt4pc_pl_17.exe] C:\Users\Olusia\AppData\Local\tuto4pc_pl_17\upt4pc_pl_17.exe ()
[2013-10-15 13:10:50 | 000,000,000 | ---D | C] -- C:\Users\Olusia\AppData\Local\avgchrome
[2013-10-11 12:35:42 | 000,000,000 | ---D | C] -- C:\Users\Olusia\AppData\Local\eorezo
[2013-10-11 12:35:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TUTO4PC
[2013-10-11 12:35:38 | 000,000,000 | ---D | C] -- C:\Users\Olusia\AppData\Local\tuto4pc_pl_17
[2013-10-11 12:35:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\tuto4pc_pl_17
[2012-08-18 22:17:32 | 000,000,000 | ---D | M] -- C:\Users\Olusia\AppData\Roaming\Babylon

:Commands
[clearallrestorepoints]
[emptytemp]

Klikasz Wykonaj skrypt. Podajesz log z usuwania + nowe logi z OTL.

[olenia82dko]

Brakujący Log z Gmer: jest tak długi i nie mieści się w wiadomości. Nie mogę wysłać.

[mateo8898]

Od tego mamy przecież http://www.wklej.eu/

[olenia82dko]

No tak, przepraszam
http://www.wklej.eu/index.php?id=bff2748537

[mateo8898]

OK, przejdź do kolejnych kroków.

[olenia82dko]

W OTL postąpiłam jak kazałeś, OTL uruchomił ponownie komputer i pojawiło się to:

Kod: Zaznacz wszystko

All processes killed
========== OTL ==========
HKU\S-1-5-21-2138419130-3933168715-3646154388-1002\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
C:\Users\Olusia\AppData\Roaming\mozilla\firefox\profiles\6e3seolf.default\searchplugins\searchgol.xml moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tuto4pc_pl_17 deleted successfully.
File C:\Program Files (x86)\tuto4pc_pl_17\tuto4pc_pl_17.exe not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Autorun.cmd moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\upt4pc_pl_17.exe not found.
File C:\Users\Olusia\AppData\Local\tuto4pc_pl_17\upt4pc_pl_17.exe not found.
C:\Users\Olusia\AppData\Local\avgchrome folder moved successfully.
C:\Users\Olusia\AppData\Local\eorezo\eorezo\1.10 folder moved successfully.
C:\Users\Olusia\AppData\Local\eorezo\eorezo folder moved successfully.
C:\Users\Olusia\AppData\Local\eorezo folder moved successfully.
Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TUTO4PC\ not found.
Folder C:\Users\Olusia\AppData\Local\tuto4pc_pl_17\ not found.
Folder C:\Program Files (x86)\tuto4pc_pl_17\ not found.
C:\Users\Olusia\AppData\Roaming\Babylon folder moved successfully.
========== COMMANDS ==========
System Restore Service not available.
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 327974 bytes
->Flash cache emptied: 57793 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Olusia
->Temp folder emptied: 86474567 bytes
->Temporary Internet Files folder emptied: 1955042 bytes
->FireFox cache emptied: 81696417 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 58837 bytes
 
User: Public
 
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1084508 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 85658 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 164,00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 10172013_192024

Files\Folders moved on Reboot...
C:\Users\Olusia\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe moved successfully.
C:\Users\Olusia\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Olusia\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
C:\Users\Olusia\AppData\Local\Mozilla\Firefox\Profiles\6e3seolf.default\startupCache\startupCache.4.little moved successfully.
C:\Users\Olusia\AppData\Local\Mozilla\Firefox\Profiles\6e3seolf.default\Cache\_CACHE_001_ moved successfully.
C:\Users\Olusia\AppData\Local\Mozilla\Firefox\Profiles\6e3seolf.default\Cache\_CACHE_002_ moved successfully.
C:\Users\Olusia\AppData\Local\Mozilla\Firefox\Profiles\6e3seolf.default\Cache\_CACHE_003_ moved successfully.
C:\Users\Olusia\AppData\Local\Mozilla\Firefox\Profiles\6e3seolf.default\Cache\_CACHE_MAP_ moved successfully.
C:\Users\Olusia\AppData\Local\Mozilla\Firefox\Profiles\6e3seolf.default\_CACHE_CLEAN_ moved successfully.
File move failed. C:\windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
C:\windows\temp\HS.log moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

[mateo8898]

OK, teraz wykonaj nowe logi z OTL.

[olenia82dko]

OTL. Txt.
http://www.wklej.eu/index.php?id=2e193acbe0
Extras. Txt
http://www.wklej.eu/index.php?id=0616a97443

[mateo8898]

Odinstaluj jeszcze Bing Bar

Wklej w OTL:

:OTL
FF - prefs.js..browser.startup.homepage: "http://www.searchgol.com/?babsrc=HP_ss&mntrId=66A400A0C6000000&affID=125035&tsp=5032"

Klikasz Wykonaj skrypt, następnie Sprzątanie

Przeczyść dysk oraz rejestr CCleaner

Odinstaluj starą wersję czytnika .PDF:

Adobe Reader 9.5.5 MUI

i zainstaluj najnowszą http://www.instalki.pl/programy/download/Windows/odczyt_edycja_pdf/Adobe_Reader.html

[olenia82dko]

Wszystko zrobiłam jak kazałeś i wszystko gra
Bardzo dziękuję za pomoc i pozdrawiam.